Senior Specialist, Information Security Systems

About The Position

Requirements

• Bachelor's degree in Information Systems, Cyber Security, Information Assurance, or related technical field with 6 years minimum prior related work experience or equivalent combination of education and work experience.
• Graduate Degree and a minimum of 4 years of prior related experience.
• In lieu of a degree, minimum of 10 years of prior related experience.
• Prior experience developing and updating Certification and Accreditation documentation and system authorization artifacts under the Risk Management Framework (CNSSI 1253/NIST 800-53, etc.) or previous C&A frameworks such as DIACAP/NIACAP/DSS ISFO and NISPOM Chapter 8.
• Experience with DoD STIG's, CIS Benchmarks, NESSUS, SCAP, ACAS, or other related hardening and compliance assessment tools to oversee the implementation and enforcement of security policies.
• Experience with Windows and Linux client/server security administration and the underlying technologies such as TCP/IP, DNS, LDAP, and the security subsystem (IA&A).
• Experience in evaluating hardware security such as Trusted Platform features, EEFI/BIOS security, and sanitization measures.

Nice To Haves

• Minimum 5 years of experience in information assurance or security.
• Minimum 3 year of experience with RMF/DIACAP/NISPOM.
• Experience working in a team-oriented, collaborative environment.
• Experience working with Linux is preferred.

Responsibilities

• Create and provide the government ISSM with the program System Security Plan (SSP), Continuous monitoring plan, Security Assessment Report, Privileged User's Guide, Plan of Action and Milestones (POA&M) and other Risk Management Framework (RMF) security documentation.
• Notify the project team of appropriate security measures, identify potential security weaknesses, recommend improvements to address vulnerabilities, and monitor system security.